Agent: Change logic for generating random password
This commit is contained in:
parent
b8ed464909
commit
820d47c9cc
|
@ -41,7 +41,7 @@ class CommunicateAsBackdoorUser(PBA):
|
||||||
def run(self):
|
def run(self):
|
||||||
username = CommunicateAsBackdoorUser.get_random_new_user_name()
|
username = CommunicateAsBackdoorUser.get_random_new_user_name()
|
||||||
try:
|
try:
|
||||||
password = get_random_password()
|
password = get_random_password(14)
|
||||||
with create_auto_new_user(username, password) as new_user:
|
with create_auto_new_user(username, password) as new_user:
|
||||||
http_request_commandline = (
|
http_request_commandline = (
|
||||||
CommunicateAsBackdoorUser.get_commandline_for_http_request(
|
CommunicateAsBackdoorUser.get_commandline_for_http_request(
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
import secrets
|
import secrets
|
||||||
|
import string
|
||||||
|
|
||||||
SECRET_BYTE_LENGTH = 32
|
SECRET_LENGTH = 32
|
||||||
|
|
||||||
|
|
||||||
def get_random_password(length: int = SECRET_BYTE_LENGTH) -> str:
|
def get_random_password(length: int = SECRET_LENGTH) -> str:
|
||||||
password = secrets.token_urlsafe(length)
|
alphabet = string.ascii_letters + string.digits + string.punctuation
|
||||||
|
password = "".join(secrets.choice(alphabet) for i in range(length))
|
||||||
return password
|
return password
|
||||||
|
|
|
@ -2,12 +2,17 @@ from infection_monkey.utils.random_password_generator import get_random_password
|
||||||
|
|
||||||
|
|
||||||
def test_get_random_password__length():
|
def test_get_random_password__length():
|
||||||
password_byte_length = len(get_random_password().encode())
|
password_length = len(get_random_password())
|
||||||
# 32 is the recommended secure byte length for secrets
|
# 32 is the recommended secure byte length for secrets
|
||||||
assert password_byte_length >= 32
|
assert password_length == 32
|
||||||
|
|
||||||
|
|
||||||
|
def test_get_random_password__custom_length():
|
||||||
|
password_length = len(get_random_password(14))
|
||||||
|
assert password_length == 14
|
||||||
|
|
||||||
|
|
||||||
def test_get_random_password__randomness():
|
def test_get_random_password__randomness():
|
||||||
random_password1 = get_random_password()
|
random_password1 = get_random_password()
|
||||||
random_password2 = get_random_password()
|
random_password2 = get_random_password()
|
||||||
assert not random_password1 == random_password2
|
assert random_password1 != random_password2
|
||||||
|
|
Loading…
Reference in New Issue